2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2001 Werner Koch (dd9jn)
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
38 #include "procheader.h"
44 #include "prefs_common.h"
45 #include "passphrase.h"
46 #include "select-keys.h"
48 #include "alertpanel.h"
50 #define DIM(v) (sizeof(v)/sizeof((v)[0]))
52 static char *content_names[] = {
54 "Content-Disposition",
55 "Content-Transfer-Encoding",
59 static char *mime_version_name[] = {
65 static void dump_mimeinfo (const char *text, MimeInfo *x)
67 debug_print ("MimeInfo[%s] %p level=%d\n",
68 text, x, x? x->level:0 );
72 debug_print (" enc=`%s' enc_type=%d mime_type=%d\n",
73 x->encoding, x->encoding_type, x->mime_type );
74 debug_print (" cont_type=`%s' cs=`%s' name=`%s' bnd=`%s'\n",
75 x->content_type, x->charset, x->name, x->boundary );
76 debug_print (" cont_disp=`%s' fname=`%s' fpos=%ld size=%u, lvl=%d\n",
77 x->content_disposition, x->filename, x->fpos, x->size,
79 dump_mimeinfo (".main", x->main );
80 dump_mimeinfo (".sub", x->sub );
81 dump_mimeinfo (".next", x->next );
82 debug_print ("MimeInfo[.parent] %p\n", x );
83 dump_mimeinfo (".children", x->children );
84 dump_mimeinfo (".plaintext", x->plaintext );
87 static void dump_part ( MimeInfo *mimeinfo, FILE *fp )
89 unsigned int size = mimeinfo->size;
92 if (fseek (fp, mimeinfo->fpos, SEEK_SET)) {
93 debug_print ("dump_part: fseek error\n");
97 debug_print ("--- begin dump_part ----\n");
98 while (size-- && (c = getc (fp)) != EOF)
101 debug_print ("dump_part: read error\n");
102 debug_print ("--- end dump_part ----\n");
107 rfc2015_secure_remove (const char *fname)
111 /* fixme: overwrite the file first */
119 name_cmp(const char *a, const char *b)
121 for( ; *a && *b; a++, b++) {
123 && toupper(*(unsigned char *)a) != toupper(*(unsigned char *)b))
131 headerp(char *p, char **names)
140 if(p2[-1] == ' ' || p2[-1] == '\t') {
149 for(i = 0 ; names[i] != NULL; i++) {
150 if(!name_cmp (names[i], p))
155 return names[i] != NULL;
159 * plain contains an entire mime object.
160 * Encrypt it and return an GpgmeData object with the encrypted version of
161 * the file or NULL in case of error.
164 pgp_encrypt ( GpgmeData plain, GpgmeRecipients rset )
168 GpgmeData cipher = NULL;
170 err = gpgme_new (&ctx);
172 err = gpgme_data_new (&cipher);
174 gpgme_set_armor (ctx, 1);
175 err = gpgme_op_encrypt (ctx, rset, plain, cipher);
179 debug_print ("encryption failed: %s\n", gpgme_strerror (err));
180 gpgme_data_release (cipher);
184 debug_print ("** encryption succeeded\n");
192 * Create and return a list of keys matching a key id
195 GSList *rfc2015_create_signers_list (const char *keyid)
197 GSList *key_list = NULL;
198 GpgmeCtx list_ctx = NULL;
203 err = gpgme_new (&list_ctx);
206 err = gpgme_op_keylist_start (list_ctx, keyid, 1);
209 while ( !(err = gpgme_op_keylist_next (list_ctx, &key)) ) {
210 key_list = g_slist_append (key_list, key);
212 if (err != GPGME_EOF)
215 if (key_list == NULL) {
216 debug_print ("no keys found for keyid \"%s\"\n", keyid);
221 debug_print ("rfc2015_create_signers_list failed: %s\n", gpgme_strerror (err));
222 for (p = key_list; p != NULL; p = p->next)
223 gpgme_key_unref ((GpgmeKey) p->data);
224 g_slist_free (key_list);
227 gpgme_release (list_ctx);
228 return err ? NULL : key_list;
232 * Encrypt the file by extracting all recipients and finding the
233 * encryption keys for all of them. The file content is then replaced
234 * by the encrypted one. */
236 rfc2015_encrypt (const char *file, GSList *recp_list, gboolean ascii_armored)
240 int i, clineidx, saved_last;
241 char *clines[3] = {NULL};
243 GpgmeData header = NULL;
244 GpgmeData plain = NULL;
245 GpgmeData cipher = NULL;
246 GpgmeRecipients rset = NULL;
248 int mime_version_seen = 0;
251 boundary = generate_mime_boundary ("Encrypt");
253 /* Create the list of recipients */
254 rset = gpgmegtk_recipient_selection (recp_list);
256 debug_print ("error creating recipient list\n" );
260 /* Open the source file */
261 if ((fp = fopen(file, "rb")) == NULL) {
262 FILE_OP_ERROR(file, "fopen");
266 err = gpgme_data_new (&header);
268 err = gpgme_data_new (&plain);
270 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
274 /* get the content header lines from the source */
277 while (!err && fgets(buf, sizeof(buf), fp)) {
278 /* fixme: check for overlong lines */
279 if (headerp (buf, content_names)) {
280 if (clineidx >= DIM (clines)) {
281 debug_print ("rfc2015_encrypt: too many content lines\n");
284 clines[clineidx++] = g_strdup (buf);
289 if (*buf == ' ' || *buf == '\t') {
290 char *last = clines[clineidx - 1];
291 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
298 if (headerp (buf, mime_version_name))
299 mime_version_seen = 1;
301 if (buf[0] == '\r' || buf[0] == '\n')
303 err = gpgme_data_write (header, buf, strlen (buf));
306 FILE_OP_ERROR (file, "fgets");
310 /* write them to the temp data and add the rest of the message */
311 for (i = 0; !err && i < clineidx; i++) {
312 debug_print ("%% %s:%d: cline=`%s'", __FILE__ ,__LINE__, clines[i]);
313 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
316 err = gpgme_data_write (plain, "\r\n", 2);
317 while (!err && fgets(buf, sizeof(buf), fp)) {
318 err = gpgme_data_write (plain, buf, strlen (buf));
321 FILE_OP_ERROR (file, "fgets");
325 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
329 cipher = pgp_encrypt (plain, rset);
330 gpgme_data_release (plain); plain = NULL;
331 gpgme_recipients_release (rset); rset = NULL;
335 /* we have the encrypted message available in cipher and now we
336 * are going to rewrite the source file. To be sure that file has
337 * been truncated we use an approach which should work everywhere:
338 * close the file and then reopen it for writing. It is important
339 * that this works, otherwise it may happen that parts of the
340 * plaintext are still in the file (The encrypted stuff is, due to
341 * compression, usually shorter than the plaintext).
343 * Yes, there is a race condition here, but everyone, who is so
344 * stupid to store the temp file with the plaintext in a public
345 * directory has to live with this anyway. */
347 FILE_OP_ERROR(file, "fclose");
350 if ((fp = fopen(file, "wb")) == NULL) {
351 FILE_OP_ERROR(file, "fopen");
355 /* Write the header, append new content lines, part 1 and part 2 header */
356 err = gpgme_data_rewind (header);
358 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
361 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
362 fwrite (buf, nread, 1, fp);
364 if (err != GPGME_EOF) {
365 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
369 FILE_OP_ERROR (file, "fwrite");
372 gpgme_data_release (header); header = NULL;
374 if (!mime_version_seen)
375 fputs ("MIME-Version: 1\r\n", fp);
379 "Content-Type: text/plain; charset=US-ASCII\r\n"
380 "Content-Transfer-Encoding: 7bit\r\n"
384 "Content-Type: multipart/encrypted;"
385 " protocol=\"application/pgp-encrypted\";\r\n"
386 " boundary=\"%s\"\r\n"
389 "Content-Type: application/pgp-encrypted\r\n"
394 "Content-Type: application/octet-stream\r\n"
396 boundary, boundary, boundary);
399 /* append the encrypted stuff */
400 err = gpgme_data_rewind (cipher);
402 debug_print ("** gpgme_data_rewind on cipher failed: %s\n",
403 gpgme_strerror (err));
407 while (!(err = gpgme_data_read (cipher, buf, BUFFSIZE, &nread))) {
408 fwrite (buf, nread, 1, fp);
410 if (err != GPGME_EOF) {
411 debug_print ("** gpgme_data_read failed: %s\n", gpgme_strerror (err));
415 /* and the final boundary */
416 if (!ascii_armored) {
424 FILE_OP_ERROR (file, "fwrite");
428 gpgme_data_release (cipher);
434 gpgme_data_release (header);
435 gpgme_data_release (plain);
436 gpgme_data_release (cipher);
437 gpgme_recipients_release (rset);
439 return -1; /* error */
443 * plain contains an entire mime object. Sign it and return an
444 * GpgmeData object with the signature of it or NULL in case of error.
445 * r_siginfo returns an XML object with information about the signature.
448 pgp_sign (GpgmeData plain, GSList *key_list, gboolean clearsign,
454 GpgmeData sig = NULL;
455 struct passphrase_cb_info_s info;
458 memset (&info, 0, sizeof info);
460 err = gpgme_new (&ctx);
463 err = gpgme_data_new (&sig);
467 if (!getenv("GPG_AGENT_INFO")) {
469 gpgme_set_passphrase_cb (ctx, gpgmegtk_passphrase_cb, &info);
471 gpgme_set_textmode (ctx, 1);
472 gpgme_set_armor (ctx, 1);
473 gpgme_signers_clear (ctx);
474 for (p = key_list; p != NULL; p = p->next) {
475 err = gpgme_signers_add (ctx, (GpgmeKey) p->data);
479 for (p = key_list; p != NULL; p = p->next)
480 gpgme_key_unref ((GpgmeKey) p->data);
481 g_slist_free (key_list);
487 clearsign ? GPGME_SIG_MODE_CLEAR : GPGME_SIG_MODE_DETACH);
489 *r_siginfo = gpgme_get_op_info (ctx, 0);
493 gpgmegtk_free_passphrase();
494 debug_print ("signing failed: %s\n", gpgme_strerror (err));
495 gpgme_data_release (sig);
499 debug_print ("signing succeeded\n");
507 * Find TAG in XML and return a pointer into xml set just behind the
508 * closing angle. Return NULL if not found.
511 find_xml_tag (const char *xml, const char *tag)
513 int taglen = strlen (tag);
516 while ( (s = strchr (s, '<')) ) {
518 if (!strncmp (s, tag, taglen)) {
519 const char *s2 = s + taglen;
520 if (*s2 == '>' || isspace (*(const unsigned char*)s2) ) {
522 while (*s2 && *s2 != '>') /* skip attributes */
524 /* fixme: do need to handle angles inside attribute vallues? */
525 return *s2? (s2+1):NULL;
528 while (*s && *s != '>') /* skip to end of tag */
536 * Extract the micalg from an GnupgOperationInfo XML container.
539 extract_micalg (char *xml)
543 s = find_xml_tag (xml, "GnupgOperationInfo");
545 const char *s_end = find_xml_tag (s, "/GnupgOperationInfo");
546 s = find_xml_tag (s, "signature");
547 if (s && s_end && s < s_end) {
548 const char *s_end2 = find_xml_tag (s, "/signature");
549 if (s_end2 && s_end2 < s_end) {
550 s = find_xml_tag (s, "micalg");
551 if (s && s < s_end2) {
552 s_end = strchr (s, '<');
554 char *p = g_malloc (s_end - s + 1);
555 memcpy (p, s, s_end - s);
568 * Sign the file and replace its content with the signed one.
571 rfc2015_sign (const char *file, GSList *key_list)
575 int i, clineidx, saved_last;
576 char *clines[3] = {NULL};
578 GpgmeData header = NULL;
579 GpgmeData plain = NULL;
580 GpgmeData sigdata = NULL;
582 int mime_version_seen = 0;
587 boundary = generate_mime_boundary ("Signature");
589 /* Open the source file */
590 if ((fp = fopen(file, "rb")) == NULL) {
591 FILE_OP_ERROR(file, "fopen");
595 err = gpgme_data_new (&header);
597 err = gpgme_data_new (&plain);
599 debug_print ("gpgme_data_new failed: %s\n", gpgme_strerror (err));
603 /* get the content header lines from the source */
606 while (!err && fgets(buf, sizeof(buf), fp)) {
607 /* fixme: check for overlong lines */
608 if (headerp (buf, content_names)) {
609 if (clineidx >= DIM (clines)) {
610 debug_print ("rfc2015_sign: too many content lines\n");
613 clines[clineidx++] = g_strdup (buf);
618 if (*buf == ' ' || *buf == '\t') {
619 char *last = clines[clineidx - 1];
620 clines[clineidx - 1] = g_strconcat (last, buf, NULL);
627 if (headerp (buf, mime_version_name))
628 mime_version_seen = 1;
630 if (buf[0] == '\r' || buf[0] == '\n')
632 err = gpgme_data_write (header, buf, strlen (buf));
635 FILE_OP_ERROR (file, "fgets");
639 /* write them to the temp data and add the rest of the message */
640 for (i = 0; !err && i < clineidx; i++) {
641 err = gpgme_data_write (plain, clines[i], strlen (clines[i]));
644 err = gpgme_data_write (plain, "\r\n", 2 );
645 while (!err && fgets(buf, sizeof(buf), fp)) {
646 err = gpgme_data_write (plain, buf, strlen (buf));
649 FILE_OP_ERROR (file, "fgets");
653 debug_print ("gpgme_data_write failed: %s\n", gpgme_strerror (err));
657 sigdata = pgp_sign (plain, key_list, FALSE, &siginfo);
659 micalg = extract_micalg (siginfo);
665 /* we have the signed message available in sigdata and now we are
666 * going to rewrite the original file. To be sure that file has
667 * been truncated we use an approach which should work everywhere:
668 * close the file and then reopen it for writing. */
670 FILE_OP_ERROR(file, "fclose");
673 if ((fp = fopen(file, "wb")) == NULL) {
674 FILE_OP_ERROR(file, "fopen");
678 /* Write the rfc822 header and add new content lines */
679 err = gpgme_data_rewind (header);
681 debug_print ("gpgme_data_rewind failed: %s\n", gpgme_strerror (err));
682 while (!(err = gpgme_data_read (header, buf, BUFFSIZE, &nread))) {
683 fwrite (buf, nread, 1, fp);
685 if (err != GPGME_EOF) {
686 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
690 FILE_OP_ERROR (file, "fwrite");
693 gpgme_data_release (header);
696 if (!mime_version_seen)
697 fputs ("MIME-Version: 1.0\r\n", fp);
698 fprintf (fp, "Content-Type: multipart/signed; "
699 "protocol=\"application/pgp-signature\";\r\n");
701 fprintf (fp, " micalg=\"%s\";\r\n", micalg);
702 fprintf (fp, " boundary=\"%s\"\r\n", boundary);
704 /* Part 1: signed material */
708 err = gpgme_data_rewind (plain);
710 debug_print ("gpgme_data_rewind on plain failed: %s\n",
711 gpgme_strerror (err));
714 while (!(err = gpgme_data_read (plain, buf, BUFFSIZE, &nread))) {
715 fwrite (buf, nread, 1, fp);
717 if (err != GPGME_EOF) {
718 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
722 /* Part 2: signature */
726 fputs ("Content-Type: application/pgp-signature\r\n"
729 err = gpgme_data_rewind (sigdata);
731 debug_print ("gpgme_data_rewind on sigdata failed: %s\n",
732 gpgme_strerror (err));
736 while (!(err = gpgme_data_read (sigdata, buf, BUFFSIZE, &nread))) {
737 fwrite (buf, nread, 1, fp);
739 if (err != GPGME_EOF) {
740 debug_print ("gpgme_data_read failed: %s\n", gpgme_strerror (err));
750 FILE_OP_ERROR (file, "fwrite");
754 gpgme_data_release (header);
755 gpgme_data_release (plain);
756 gpgme_data_release (sigdata);
764 gpgme_data_release (header);
765 gpgme_data_release (plain);
766 gpgme_data_release (sigdata);
769 return -1; /* error */
774 * Sign the file with clear text and replace its content with the signed one.
777 rfc2015_clearsign (const gchar *file, GSList *key_list)
782 GpgmeData text = NULL;
783 GpgmeData sigdata = NULL;
787 if ((fp = fopen(file, "rb")) == NULL) {
788 FILE_OP_ERROR(file, "fopen");
792 err = gpgme_data_new(&text);
794 debug_print("gpgme_data_new failed: %s\n", gpgme_strerror(err));
798 while (!err && fgets(buf, sizeof(buf), fp)) {
799 err = gpgme_data_write(text, buf, strlen(buf));
802 FILE_OP_ERROR(file, "fgets");
806 debug_print("gpgme_data_write failed: %s\n", gpgme_strerror(err));
810 sigdata = pgp_sign(text, key_list, TRUE, &siginfo);
817 if (fclose(fp) == EOF) {
818 FILE_OP_ERROR(file, "fclose");
822 if ((fp = fopen(file, "wb")) == NULL) {
823 FILE_OP_ERROR(file, "fopen");
827 err = gpgme_data_rewind(sigdata);
829 debug_print("gpgme_data_rewind on sigdata failed: %s\n",
830 gpgme_strerror(err));
834 while (!(err = gpgme_data_read(sigdata, buf, sizeof(buf), &nread))) {
835 fwrite(buf, nread, 1, fp);
837 if (err != GPGME_EOF) {
838 debug_print("gpgme_data_read failed: %s\n", gpgme_strerror(err));
842 if (fclose(fp) == EOF) {
843 FILE_OP_ERROR(file, "fclose");
847 gpgme_data_release(text);
848 gpgme_data_release(sigdata);
854 gpgme_data_release(text);
855 gpgme_data_release(sigdata);
859 #endif /* USE_GPGME */